xor
New Member
June 12, 2013
Question

VPN client - route all traffic through gateway

  • June 12, 2013
  • 2 replies
  • 14248 views
Hello, we are building a Fortigate infrastructure and it seems the default Fortigate VPN client does not support what Checkpoint calls "Route all traffic through gateway". We simply need to ensure that users with notebooks can access the internet only through the Fortigate infrastructure (= if not connected to VPN, no internet). How do we configure that, and which VPN client is sufficient? Thank you.

    2 replies

    ede_pfau
    SuperUser
    June 12, 2013
    Hi, and welcome to the forums. In FC, if you set the remote network to '0.0.0.0/0', ALL traffic from the client will be routed to the tunnel. Make sure you have a second policy in place on the receiving end (FGT) which allows traffic from the tunnel to WAN, with NAT enabled.
    Chris_Lin_FTNT
    Staff
    June 12, 2013
    On the FortiGate side, you also need to make sure you don't use split tunnel. The latest FortiClient release is 5.0.4.
    xor
    Author
    New Member
    June 13, 2013
    Thank you. If I read the documentation correctly, FC 5 can be managed only by FortiOS 5. Is it safe to deploy FGT with 5.0.2 (100D and 60C and Analyzer 200D)? I am aware there is a problem with SSL and explicit proxy, but we won't use the explicit proxy. Or should we wait and deploy FortiOS and FC 4.3? And if there is a dashboard, e.g. on the hotel wifi, will the user be able to connect to the wifi? Edit: so if we declare the remote network to '0.0.0.0/0', then all traffic will be dropped if there is no established tunnel? I need a configuration where the user can access the internet only through FGT. If there is no tunnel, no internet.
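
A client-side check of whether the '0.0.0.0/0' remote network from the first reply really captures all traffic, as an added example that is not part of the original thread: it does longest-prefix matching over a route table and lists the destinations that would bypass the tunnel. The route tables, the interface names `vpn0` and `wlan0`, and all addresses are constructed for illustration.

```python
import ipaddress

# Constructed route tables: (prefix, interface, metric). Interface names are assumptions.
FULL_TUNNEL = [
    ("0.0.0.0/0", "wlan0", 50),        # default route from the local Wi-Fi
    ("0.0.0.0/0", "vpn0", 1),          # default route for remote network 0.0.0.0/0
    ("192.168.1.0/24", "wlan0", 50),   # directly connected local LAN
    ("203.0.113.10/32", "wlan0", 1),   # host route to the VPN gateway itself
]
SPLIT_TUNNEL = [
    ("0.0.0.0/0", "wlan0", 50),
    ("10.0.0.0/8", "vpn0", 1),         # only corporate prefixes enter the tunnel
    ("192.168.1.0/24", "wlan0", 50),
    ("203.0.113.10/32", "wlan0", 1),
]

def egress_interface(routes, destination):
    """Pick the route by longest prefix; ties are broken by lowest metric."""
    dst = ipaddress.ip_address(destination)
    candidates = [
        (ipaddress.ip_network(prefix), iface, metric)
        for prefix, iface, metric in routes
        if dst in ipaddress.ip_network(prefix)
    ]
    if not candidates:
        return None
    best = max(candidates, key=lambda r: (r[0].prefixlen, -r[2]))
    return best[1]

def leaks(routes, tunnel_iface, probes, allowed=()):
    """Return probe addresses that would leave by an interface other than the tunnel."""
    return [p for p in probes
            if p not in allowed and egress_interface(routes, p) != tunnel_iface]

# Probe destinations: two internet hosts, one corporate host, the VPN gateway.
PROBES = ["198.51.100.7", "192.0.2.55", "10.1.2.3", "203.0.113.10"]
GATEWAY = ("203.0.113.10",)  # the tunnel's outer packets must use the physical NIC

if __name__ == "__main__":
    print("full tunnel leaks: ", leaks(FULL_TUNNEL, "vpn0", PROBES, GATEWAY))
    print("split tunnel leaks:", leaks(SPLIT_TUNNEL, "vpn0", PROBES, GATEWAY))
```

In the constructed full-tunnel table the more specific connected route still sends 192.168.1.0/24 out of `wlan0`, so local-subnet traffic is worth probing separately.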